# EC2 key pair attached to the AD server so the operator can retrieve the
# Windows administrator password / connect over SSH-style tooling.
# Only the public half is read here; it is stored in state and in EC2.
resource "aws_key_pair" "key" {
  key_name   = "my-key"                  # Replace with your key name
  public_key = file("~/.ssh/my-key.pub") # Replace with the path to your public key
}
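# Source ranges allowed to reach the AD server. The original rules used
# 0.0.0.0/0, which exposes RDP, RPC, LDAP and SMB to the entire internet;
# the caller must now name the networks that legitimately need access
# (for example an office egress range, a VPN range, or the VPC CIDR).
variable "ad_allowed_cidr_blocks" {
  description = "CIDR blocks permitted to reach the Active Directory server on the ports opened below."
  type        = list(string)

  validation {
    condition     = length(var.ad_allowed_cidr_blocks) > 0 && !contains(var.ad_allowed_cidr_blocks, "0.0.0.0/0")
    error_message = "ad_allowed_cidr_blocks must contain at least one range and must not include 0.0.0.0/0."
  }
}

# Security group for the Windows AD server. The port list mirrors the
# original configuration (TCP only); AD clients commonly also need DNS,
# Kerberos and LDAP over UDP — confirm against the role's requirements
# before relying on this list for anything beyond a lab.
resource "aws_security_group" "ad_sg" {
  name        = "ad_security_group"
  description = "Allow RDP and necessary AD ports"

  ingress {
    description = "RDP"
    from_port   = 3389
    to_port     = 3389
    protocol    = "tcp"
    cidr_blocks = var.ad_allowed_cidr_blocks
  }

  # Required ports for Active Directory
  ingress {
    description = "RPC endpoint mapper"
    from_port   = 135
    to_port     = 135
    protocol    = "tcp"
    cidr_blocks = var.ad_allowed_cidr_blocks
  }

  ingress {
    description = "LDAP"
    from_port   = 389
    to_port     = 389
    protocol    = "tcp"
    cidr_blocks = var.ad_allowed_cidr_blocks
  }

  ingress {
    description = "SMB"
    from_port   = 445
    to_port     = 445
    protocol    = "tcp"
    cidr_blocks = var.ad_allowed_cidr_blocks
  }

  # RPC dynamic port range as used by the original rule. Newer Windows
  # releases use a narrower ephemeral range; a smaller window may be
  # sufficient — confirm for the Windows version in the chosen AMI.
  ingress {
    description = "RPC dynamic ports"
    from_port   = 1024
    to_port     = 65535
    protocol    = "tcp"
    cidr_blocks = var.ad_allowed_cidr_blocks
  }

  # Unrestricted egress, unchanged from the original. The promotion script
  # and Windows Update need outbound access; tighten if the environment
  # has an egress policy.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}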
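# Credentials consumed by the AD promotion script. They were empty string
# literals in the original; passing them as sensitive variables keeps them
# out of the source file and redacts them from plan output. They still end
# up in the rendered user data (see the note on the data source below).
variable "safe_mode_password" {
  description = "Directory Services Restore Mode (safe mode) password for the new forest."
  type        = string
  sensitive   = true
}

variable "domain_admin_password" {
  description = "Password for the domain administrator account configured by the script."
  type        = string
  sensitive   = true
}

# Renders populate_ad/run.ps1.tpl into the instance's user data.
#
# NOTE(review): the hashicorp/template provider behind `template_file` is
# deprecated; the built-in templatefile() function is the replacement. It is
# kept here so the `data.template_file.init.rendered` reference used by the
# instance still resolves.
#
# NOTE(review): the rendered script, including the passwords above, is stored
# in Terraform state and is readable from the instance's user-data endpoint
# and via the EC2 API by anyone allowed to describe the instance's attributes.
# Protect state accordingly, or have the script fetch secrets at runtime.
data "template_file" "init" {
  # Plain expression; the "${...}"-only form is legacy interpolation syntax.
  template = file("populate_ad/run.ps1.tpl")

  vars = {
    forest_mode         = ""
    domain_mode         = ""
    # NOTE(review): aws_instance.some is not defined in this file. If it is
    # the AD server itself, user_data -> template -> instance forms a
    # dependency cycle that Terraform will reject — confirm the reference.
    domain_name           = aws_instance.some.private_ip
    domain_netbios_name   = ""
    safe_mode_password    = var.safe_mode_password
    domain_admin_password = var.domain_admin_password
  }
}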
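# Windows Server instance that is promoted to a domain controller by the
# user-data script. It is reachable on a public IP, so its exposure is
# governed entirely by aws_security_group.ad_sg.
resource "aws_instance" "windows_ad_server" {
  ami           = "ami-0d8f6eb4f641ef691" # Change to a Windows Server AMI in your region
  instance_type = "t3.medium"
  key_name      = aws_key_pair.key.key_name

  vpc_security_group_ids      = [aws_security_group.ad_sg.id]
  associate_public_ip_address = true

  # A bare ${...} outside a quoted string is not valid HCL; reference the
  # rendered template directly. Any secrets templated into the script are
  # stored in state and retrievable through the instance's user-data endpoint.
  user_data = data.template_file.init.rendered

  # Require IMDSv2 session tokens so that code running on the instance cannot
  # query the metadata service with an unauthenticated GET.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # This provisioner only prints a message at apply time; it does not wait
  # for the Windows boot or for the user-data script to finish. Nothing
  # downstream may assume the domain is promoted when `terraform apply`
  # returns.
  provisioner "local-exec" {
    command = "echo 'Instance is booting and configuration script is being executed'"
  }
}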
# Instance ID of the AD server, for use by other stacks or for lookups.
output "instance_id" {
  description = "EC2 instance ID of the Windows AD server."
  value       = aws_instance.windows_ad_server.id
}
# Public address of the AD server; this is the address the security group's
# ingress rules expose, so treat it as internet-facing.
output "instance_ip" {
  description = "Public IP address of the Windows AD server."
  value       = aws_instance.windows_ad_server.public_ip
}